diff --git a/task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml b/task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
index 15453bf..caf601d 100644
--- a/task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
+++ b/task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
@@ -69,6 +69,17 @@ spec:
     - name: metadata-out
       emptyDir: {}
   steps:
+    - name: run-as-user
+      image: $(params.BUILDER_IMAGE)
+      workingDir: "$(workspaces.source.path)"
+      script: |
+        #!/usr/bin/env sh
+        set -euo pipefail
+        echo "yo"
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        runAsGroup: 1000
     - name: setup-cache-ownership
       image: $(params.BUILDER_IMAGE)
       workingDir: "$(workspaces.source.path)"